Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2379 PHPGurukul Apartment Visitors Management System create-pass.php sql injection — Apartment Visitors Management System 7.3 High2025-03-17
CVE-2025-2378 PHPGurukul Medical Card Generation System download-medical-cards.php sql injection — Medical Card Generation System 7.3 High2025-03-17
CVE-2025-2374 PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection — Human Metapneumovirus Testing Management System 6.3 Medium2025-03-17
CVE-2025-2373 PHPGurukul Human Metapneumovirus Testing Management System check_availability.php sql injection — Human Metapneumovirus Testing Management System 6.3 Medium2025-03-17
CVE-2025-2200 SQL injection vulnerability in the Innovación y Cualificación IcProgreso plugin — IcProgreso plugin 9.8 -2025-03-17
CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php — ajax.php plugin 8.8 -2025-03-17
CVE-2025-2372 PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery.php sql injection — Human Metapneumovirus Testing Management System 7.3 High2025-03-17
CVE-2025-2362 PHPGurukul Pre-School Enrollment System contact-us.php sql injection — Pre-School Enrollment System 7.3 High2025-03-17
CVE-2025-2358 Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injection — Mingyuan Real Estate ERP System 6.3 Medium2025-03-17
CVE-2025-2353 VAM Virtual Airlines Manager HTTP GET Parameter index.php sql injection — Virtual Airlines Manager 7.3 High2025-03-16
CVE-2025-2351 DayCloud StudentManage Login Endpoint adminScoreUrl sql injection — StudentManage 7.3 High2025-03-16
CVE-2025-26976 WordPress PrivateContent plugin <= 8.11.4 - SQL Injection vulnerability — PrivateContent 8.5 High2025-03-15
CVE-2025-26978 WordPress FS Poster plugin <= 6.5.8 - SQL Injection vulnerability — FS Poster 8.5 High2025-03-15
CVE-2025-27281 WordPress All In Menu Plugin <= 1.1.5 - SQL Injection vulnerability — All In Menu 8.5 High2025-03-15
CVE-2025-26886 WordPress PublishPress Authors plugin <= 4.7.3 - SQL Injection vulnerability — PublishPress Authors 7.6 High2025-03-15
CVE-2025-26875 WordPress Multiple Shipping And Billing Address For Woocommerce Plugin <= 1.3 - SQL Injection vulnerability — Multiple Shipping And Billing Address For Woocommerce 9.3 Critical2025-03-15
CVE-2019-25222 Thumbnail carousel slider <= 1.0.4 - Authenticated (Admin+) SQL Injection — Thumbnail carousel slider 4.9 Medium2025-03-15
CVE-2025-1670 School Management System – WPSchoolPress <= 2.2.16 - Authenticated (Parent+) SQL Injection — School Management System – WPSchoolPress 6.5 Medium2025-03-15
CVE-2025-1669 School Management System – WPSchoolPress <= 2.2.17 - Authenticated (Teacher+) SQL Injection — School Management System – WPSchoolPress 6.5 Medium2025-03-15
CVE-2024-12245 Blind SQL Injection in Logout — LogicalDOC Community 9.1 -2025-03-14
CVE-2024-54447 Blind SQLi in Saved Search — LogicalDOC Community 8.1 -2025-03-14
CVE-2024-54446 Blind SQLi in Document History — LogicalDOC Community 8.1 -2025-03-14
CVE-2024-54445 Blind SQLi in Login — LogicalDOC Community 9.1 -2025-03-14
CVE-2022-29059 Fortinet FortiWeb SQL注入漏洞 — FortiWeb 2.6 Low2025-03-14
CVE-2024-13321 AnalyticsWP <= 2.0.0 - Unauthenticated SQL Injection — AnalyticsWP 7.5 High2025-03-14
CVE-2025-2221 WPCOM Member <= 1.7.6 - Unauthenticated Time-Based SQL Injection — WPCOM Member 7.5 High2025-03-14
CVE-2025-27103 Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability​ — dataease 8.8 -2025-03-13
CVE-2025-2250 WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins <= 2.32 - Authenticated (Admin+) SQL Injection — ReportAttacks — Brute Force & Login Protection 4.9 Medium2025-03-13
CVE-2025-2107 Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection — ArielBrailovsky-ViralAd 7.5 High2025-03-13
CVE-2025-2106 Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection — ArielBrailovsky-ViralAd 7.5 High2025-03-13

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.